I'm gonna take a shot and guess your going some vpn routing. Well either way the solution is the same .. Don't route the packets meant for the public domain. Then just route them using a standard routing table entry. I clipped the following rule from my rules. It basically states NAT everything outgoing except 10.0.0.0/24 which in this case is my VPN. After that routing is handled via the routing table. IPTABLES -t nat -A POSTROUTING -o $EXTIF ! -d 10.0.0.0/24 -j SNAT --to $EXTIP > Just like the subject says; is there any way to route a > public IP/subnet over a NAT address space? > > -- > Aaron Clausen >
